Home / Blog /Cybersecurity Causing You Confusion?

Cybersecurity Causing You Confusion?

by CompuTech City Admin Wednesday, 07 November 2018 CompuTech City Blog

Cybersecurity Causing You Confusion When we ask physicians and practice managers the status of their office’s cybersecurity, they often aren’t quite sure. Some even think they don’t need to worry about it.

For instance, one practice manager told us, “My data is in the cloud. It’s safe.”

Another said, “My storage is all under my control on-site. It’s safe.”

Neither are 100 percent true.

How can such confusion continue to reign in a field as highly regulated, strictly monitored, innovative and important to society as medicine?

The easy – and correct – answer is that medical professionals, like most non-IT people, just don’t know what risks now lurk and what cybersecurity solutions are now available. They aren’t aware that anti-virus isn’t enough to protect their practices any more.

GETTING TO KNOW YOUR GAPS
What the practice managers above were missing was a holistic view of their practices’ cybersecurity. They viewed back-ups as sufficient. They weren’t considering that, should one back-up fail, they would need a second back-up from which to recover data. For those putting data in the cloud, they have to ensure their network connections to the cloud are sufficiently protected and encrypted as to prevent someone from intercepting the data en route.

Unfortunately, this narrow view of cybersecurity dominates many businesses’ information security practices. It leaves wide holes in security that hackers are more than happy to exploit.

CYBERSECURITY TOOLS YOU NEED
While some confusion and disagreement exists among medical practices over which information security solutions are best, there are some practices and solutions you can implement immediately to protect your practice.

Most cybersecurity experts agree that you need a layered security strategy – what’s called “defense-in-depth” – just like with back-ups.

First, you must get buy-in from your employees on increasing their cybersecurity awareness. Cybersecurity awareness training is one of the most important investments you can make in your employees and your business’ security. This will begin making your office proactive rather than reactive to cyberattacks.

Beyond just being aware, however, other cybersecurity solutions must be in place as part of your “defense-in-depth” security strategy.

1. CryptoPrevent, which, in defense against ransomware, shuts down workstations when it detects unusual encryption of your files and alerts our engineering team to investigate

2 Full-Disk Encryption ensures any lost or stolen computer’s hard drive cannot be accessed even if it’s put into another computer. It’s also a HIPAA requirement

3. Full-Time and Proactive Monitoring stays on top of any issues that arise with your systems

4. Patching and Updating allows your IT provider to push patches and updates to doctors’ offices after we’ve internally tested them for stability and security

5. Firewalls monitor and control in-going and out-going network traffic to help protect against network intrusions

6. OpenDNS works to filter phishing and other malicious web sites from your employees’ browsers

7. Email Filtering which identifies and requires verification before delivering suspicious emails

8. Cybersecurity Awareness Training Did we already mention cybersecurity-awareness training? We add it to this list because it’s such a key piece of information security.

9. HIPAA Compliance Training. Training on HIPAA compliance is also a must for practice employees.


If you can’t deploy these yourself, contact your managed service provider or us for help.

FIND OUT WHERE YOU STAND ON SECURITY Getting help securing your practice is far less expensive than getting help after a cyberattack. As the only medical-focused managed IT service provider in Central Florida, we have 16 years of experience you can draw on to improve your business’ security.

CompuTech City wrote the book on keeping your practice secure. Get your free copy and then ask us to review your cybersecurity infrastructure and offer suggestions for improvements.

Check out our social media:
     
Copyright © 2016 l computechcity.com. All rights reserved.